CWE:
 

Topic
Date
Author
Med.
PTCEvolution 5.50 SQL Injection
18.09.2017
Ihsan Sencan
Med.
Contact Manager 1.0 'femail' Parameter SQL Injection
18.09.2017
Ihsan Sencan
Med.
VSP Softtech - Sql Injection Vulnerability
17.09.2017
hamidhacker
Med.
ICMLM 2.1 SQL Injection
17.09.2017
Ihsan Sencan
Med.
ATQITS Admin Panel Bypass
16.09.2017
GU3LT03M
Med.
XYZ Auto Classifieds 1.0 SQL Injection
15.09.2017
8bitsec
Med.
ICDutchAuction 1.2 SQL Injection
14.09.2017
Ihsan Sencan
Med.
ICCallLimousine 1.1 key Parameter SQL Injection
14.09.2017
Ihsan Sencan
Med.
ICProjectBidding 1.1 SQL Injection
14.09.2017
Ihsan Sencan
Med.
ICDental Clinic 1.2 key Parameter SQL Injection
14.09.2017
Ihsan Sencan
Med.
ICSiteBuilder 1.1 SQL Injection
14.09.2017
Ihsan Sencan
Med.
ICEstate 1.1 id Parameter SQL Injection
14.09.2017
Ihsan Sencan
Med.
ICSurvey 1.1 SQL Injection
14.09.2017
Ihsan Sencan
Med.
ICJewelry 1.1 key Parameter SQL Injection
14.09.2017
Ihsan Sencan
Med.
EduStar Udemy Clone Script 1.0 SQL Injection
13.09.2017
8bitsec
Med.
AirStar Airbnb Clone Script 1.0 SQL Injection
13.09.2017
8bitsec
Med.
PHP Dashboards NEW 4.4 SQL Injection
13.09.2017
Ihsan Sencan
Med.
inClick Cloud Server 5.0 SQL Injection
13.09.2017
Ihsan Sencan
Med.
Huge-IT Catalog v1.0.7 for Joomla Unauthenticated SQL Injection
12.09.2017
Larry W. Cashdollar
Med.
Online Invoice System 3.0 SQL Injection
12.09.2017
Ihsan Sencan
Med.
Job Board Software 1.0 SQL Injection
12.09.2017
Ihsan Sencan
Low
JGI CMS - DOM-Based Cross Site Scripting
11.09.2017
Renzi
Med.
Restaurant Website Script 1.0 SQL Injection
11.09.2017
Ihsan Sencan
Med.
Law Firm 1.0 SQL Injection
11.09.2017
Ihsan Sencan
Med.
Professional Service Booking 1.0 SQL Injection
11.09.2017
Ihsan Sencan
Med.
Just Dial Marketplace 1.0 SQL Injection
11.09.2017
Ihsan Sencan
Med.
Escort Marketplace 1.0 SQL Injection
11.09.2017
Ihsan Sencan
Med.
EzInvoice 6.02 SQL Injection
08.09.2017
Ihsan Sencan
Med.
EzBan 5.3 id Parameter SQL Injection
08.09.2017
Ihsan Sencan
Med.
A2billing 2.x SQL Injection
07.09.2017
Ahmed sultan
Med.
Cory Support SQL Injection
06.09.2017
v3n0m
Med.
Pay Banner Text Link Ad 1.0.6.1 SQL Injection
06.09.2017
Ihsan Sencan
Med.
The Car Project 1.0 - SQL Injection
06.09.2017
Ihsan Sencan
Med.
iGreeting Cards 1.0 SQL Injection
05.09.2017
Ihsan Sencan
Med.
The Next Generation of Genealogy Sitebuilding SQL Injection Vulnerability
01.09.2017
X-Cisadane
Med.
Joomla Component Huge-IT Portfolio Gallery Plugin 1.0.6 - SQL Injection
01.09.2017
Larry W. Cashdollar
Med.
PHP Video Battle Script 1.0 - SQL Injection
31.08.2017
Ihsan Sencan
Med.
Joomla! Component Quiz Deluxe 3.7.4 SQL Injection
31.08.2017
Ihsan Sencan
Med.
The Next Generation Of Genealogy Sitebuilding SQL Injection
30.08.2017
X-Cisadane
Med.
Posty 1.0 SQL Injection
30.08.2017
Ali BawazeEer
Med.
AutoCar 1.1 category Parameter SQL Injection
29.08.2017
Bora Bozdogan
Med.
A M Technologies SQL injection Vulnerability
27.08.2017
Mr.voltage && mtn08
Med.
Matrimonial Script - SQL Injection
24.08.2017
Ihsan Sencan
Med.
Doctor Patient Project 1.0 SQL Injection
23.08.2017
Ihsan Sencan
Med.
NKINFOWEB 5.2.2.9 SQL Injection vulnerability
22.08.2017
Indoushka
Med.
PHP Coupon Script 6.0 SQL Injection
22.08.2017
Ihsan Sencan
Med.
Bitcoin / Dogecoin Mining 1.0 SQL Injection
22.08.2017
Ihsan Sencan
Med.
Joomla Ajax Quiz 1.8 SQL Injection
22.08.2017
Ihsan Sencan
Med.
Food Ordering Script 1.0 SQL Injection
20.08.2017
Ihsan Sencan
Med.
SOA School Management 3.0 - SQL Injection
19.08.2017
Ihsan Sencan
Med.
eCardMAX 10.5 - SQL Injection
19.08.2017
Ihsan Sencan
Med.
Joomla! Component Appointment 1.1 - SQL Injection
19.08.2017
Ihsan Sencan
Med.
Joomla! Component Calendar Planner 1.0.1 - SQL Injection
19.08.2017
Ihsan Sencan
Med.
Joomla! Component SP Movie Database 1.3 - SQL Injection
19.08.2017
Ihsan Sencan
Med.
Joomla! Component Zap Calendar Lite 4.3.4 - SQL Injection
19.08.2017
Ihsan Sencan
Med.
LiveSupport 1.0 - SQL Injection
19.08.2017
Ihsan Sencan
Med.
Matrimony Script 2.7 - SQL Injection
19.08.2017
Ihsan Sencan
Med.
LiveInvoices 1.0 - SQL Injection
19.08.2017
Ihsan Sencan
Med.
Joomla! Component KissGallery 1.0.0 - SQL Injection
19.08.2017
Ihsan Sencan
Med.
LiveCRM 1.0 - SQL Injection
19.08.2017
Ihsan Sencan
Med.
LiveSales 1.0 - SQL Injection
19.08.2017
Ihsan Sencan
Med.
Joomla! Component Twitch Tv 1.1 - SQL Injection
19.08.2017
Ihsan Sencan
Med.
LiveProjects 1.0 - SQL Injection
19.08.2017
Ihsan Sencan
Med.
Shipwize.com SQL INJECTION LOGIN BYPASS
18.08.2017
Nyx of CycoSEC
Med.
Online Quiz Project 1.0 - SQL Injection
18.08.2017
Ihsan Sencan
Med.
Photogallery Project 1.0 SQL Injection
18.08.2017
Ihsan Sencan
Med.
Theo CMS 2.0 SQL Injection
15.08.2017
Manuel GarcAa CA!rdena...
Med.
De-Tutor 1.0 SQL Injection
15.08.2017
Ihsan Sencan
Med.
De-Workshop Auto Workshop Portal 1.0 SQL Injection
15.08.2017
Ihsan Sencan
Med.
De-Journal Academic Journal And Peer Review System 1.0 SQL Injection
15.08.2017
Ihsan Sencan
Med.
ImageBay 1.0 - SQL Injection
11.08.2017
Ihsan Sencan
Med.
GIF Collection 2.0 - SQL Injection
11.08.2017
Ihsan Sencan
Med.
WordPress Easy Modal 2.0.17 SQL Injection
11.08.2017
Neven Biruski
Med.
WordPress Podlove Podcast Publisher 2.5.3 SQL Injection
11.08.2017
Neven Biruski
Med.
WordPress Plugin Easy Modal 2.0.17 SQL Injection
08.08.2017
defensecode
Med.
Joomla! Component StreetGuessr Game 1.1.8 SQL Injection
04.08.2017
Ihsan Sencan
Med.
Universitas Pendidikan Ganesha CMS SQLi Vulnerability
04.08.2017
Berandal | OWL SQUAD
Med.
EDUMOD Pro 1.3 SQL Injection
04.08.2017
Kaan KAMIS
Med.
Premium Servers List Tracker 1.0 SQL Injection
04.08.2017
Kaan KAMIS
Med.
Integrated IT Services Pvt. Ltd bypass login admin
03.08.2017
irunknown's
Med.
Joomla Component Ultimate Property Listing 1.0.2 - SQL Injection
03.08.2017
Informacion - Anonymou...
Med.
Entrepreneur B2B Script SQL Injection
03.08.2017
Meisam Monsef
Med.
Joomla! Component Event Registration Pro Calendar 4.1.3 - SQL Injection
02.08.2017
Ihsan Sencan
Med.
Joomla! Component LMS King Professional 3.2.4.0 - SQL Injection
02.08.2017
Ihsan Sencan
Med.
Joomla! Component Ultimate Property Listing 1.0.2 - SQL Injection
02.08.2017
Ihsan Sencan
Med.
Joomla! Component SIMGenealogy 2.1.5 - SQL Injection
02.08.2017
Ihsan Sencan
Med.
Joomla! Component PHP-Bridge 1.2.3 - SQL Injection
02.08.2017
Ihsan Sencan
Med.
Designed By : JH Tech Network Admin Page Bypass
02.08.2017
Azerbaycanli Hacker
Med.
Shervin Pardaz SQL Injection
02.08.2017
Dmitriy_Area51
Med.
SOL.Connect ISET-mpp meter 1.2.4.2 - SQL Injection
01.08.2017
Andy Tan
Med.
VehicleWorkshop SQL Injection
31.07.2017
Shahab Shamsi
Med.
Joomla! Component CCNewsLetter 2.1.9 - 'sbid' Parameter SQL Injection
29.07.2017
Shahab Shamsi
Med.
Friends in War Make or Break 1.7 - SQL Injection
27.07.2017
Ihsan Sencan
Med.
PaulShop Cross Site Scripting / SQL Injection
25.07.2017
BTIS Team
Med.
NEC Universe UM4730 SQL Injection
22.07.2017
b0x41s
Med.
Joomla JoomRecipe 1.0.4 Component - Blind SQL Injection Vulnerability
21.07.2017
Teng
Med.
บ้านเว็บไซต์ SQl inj. Vulnerability
19.07.2017
Shigi
Med.
Delegación de Asociaciones SQL Inj Vulnerability
06.07.2017
Shigi
Med.
iWebSoul CMS SQL Injection Vulnerability
03.07.2017
GhostSecurity
Med.
Royal Custom CMS Admin Login Bypass upload sh3ll
03.07.2017
iranonymous


CVEMAP Search Results

CVE
Details
Description
2015-02-20
Medium
CVE-2015-1517

Vendor: Piwigo
Software: Piwigo
 

 
SQL injection vulnerability in Piwigo before 2.7.4, when all filters are activated, allows remote authenticated users to execute arbitrary SQL commands via the filter_level parameter in a "Refresh photo set" action in the batch_manager page to admin.php.

 
2015-02-17
Medium
CVE-2015-1616

Vendor: Mcafee
Software: Data loss pr...
 

 
SQL injection vulnerability in the ePO extension in McAfee Data Loss Prevention Endpoint (DLPe) before 9.3.400 allows remote authenticated ePO users to execute arbitrary SQL commands via unspecified vectors.

 
2015-02-12
Medium
CVE-2015-1471

Vendor: Pragyan cms project
Software: Pragyan cms
 

 
SQL injection vulnerability in userprofile.lib.php in Pragyan CMS 3.0 allows remote attackers to execute arbitrary SQL commands via the user parameter to the default URI.

 
2015-02-11
Medium
CVE-2015-1576

Vendor: YUBA
Software: U5cms
 

 
Multiple SQL injection vulnerabilities in u5CMS before 3.9.4 allow remote attackers to execute arbitrary SQL commands via the name parameter to (1) copy2.php, (2) localize.php, (3) metai.php, (4) nc.php, (5) new2.php, or (6) rename2.php in u5admin/; (7) c parameter to u5admin/editor.php; (8) typ parameter to u5admin/meta2.php; or (9) newname parameter to u5admin/rename2.php.

 
2015-02-06
Medium
CVE-2015-1442

Vendor: AAS9
Software: Zerocms
 

 
SQL injection vulnerability in views/zero_transact_user.php in the administrative backend in ZeroCMS 1.3.3, 1.3.2, and earlier allows remote authenticated users to execute arbitrary SQL commands via the user_id parameter in a Modify Account action. NOTE: The article_id parameter to zero_view_article.php vector is already covered by CVE-2014-4034.

 
Medium
CVE-2015-1514

Vendor: Fancyfon
Software: Famoc
 

 
Multiple SQL injection vulnerabilities in FancyFon FAMOC before 3.17.4 allow (1) remote attackers to execute arbitrary SQL commands via the device ID REST parameter (PATH_INFO) to /ajax.php or (2) remote authenticated users to execute arbitrary SQL commands via the order parameter to index.php.

 
2015-02-04
Medium
CVE-2015-1476

Vendor: Ecommercemajor project
Software: Ecommercemajor
 

 
Multiple SQL injection vulnerabilities in xlinkerz ecommerceMajor allow remote attackers to execute arbitrary SQL commands via the (1) productbycat parameter to product.php, or (2) username or (3) password parameter to __admin/index.php.

 
Medium
CVE-2015-1477

Vendor: Cmsjunkie
Software: J-classified...
 

 
SQL injection vulnerability in the CMSJunkie J-ClassifiedsManager component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a viewad task to classifieds/offerring-ads.

 
Medium
CVE-2015-1479

Vendor: Manageengine
Software: Servicedesk plus
 

 
SQL injection vulnerability in reports/CreateReportTable.jsp in ZOHO ManageEngine ServiceDesk Plus (SDP) before 9.0 build 9031 allows remote authenticated users to execute arbitrary SQL commands via the site parameter.

 
2015-02-03
Medium
CVE-2015-1400

Vendor: NPDS
Software: Revolution
 

 
SQL injection vulnerability in search.php in NPDS Revolution 13 allows remote attackers to execute arbitrary SQL commands via the query parameter.

 

 


Copyright 2017, cxsecurity.com

 

Back to Top